grep-backURLs - Automated way to extract juicy info with subfinder and waybackurls
https://github.com/gigachad80/grep-backURLs
https://github.com/gigachad80/grep-backURLs
1๐ฅ12๐4
templates/processed/syslog-tcp-forward.conf
templates/processed/config.ini
Credit- Suyash Sharma
Please open Telegram to view this post
VIEW IN TELEGRAM
๐18๐ฅ9โค2
https://github.com/iamunixtz/Lazy-Hunter
Please open Telegram to view this post
VIEW IN TELEGRAM
๐17๐ฅ8โค3๐ฟ1
Need an extensive SQL injection cheat sheet for bug bounty hunting and pentesting in general? ๐ง
Check out @0xTib3rius' SQL Injection cheat sheet, it provides payloads for the 5 most popular databases such as MySQL, PostgreSQL, Oracle, etc.! ๐
๐ buff.ly/3WeSO5X
Check out @0xTib3rius' SQL Injection cheat sheet, it provides payloads for the 5 most popular databases such as MySQL, PostgreSQL, Oracle, etc.! ๐
๐ buff.ly/3WeSO5X
๐13๐6
๐ค6
This media is not supported in your browser
VIEW IN TELEGRAM
urlhunter: A recon tool that allows searching on URLs that are exposed via shortener services
Link: https://github.com/utkusen/urlhunter
Link: https://github.com/utkusen/urlhunter
๐ฅ18๐3โค2๐ค2
Brut Security
From The Author https://www.youtube.com/watch?v=qY6Zl43hMko
YouTube
EpicGames - Live Bug Bounty Hunting on Hackerone (hunting cves)
EpicGames - Live Bug Bounty Hunting on HackerOne (Hunting CVEs) | Using Lazy-Hunter
Tool: https://github.com/iamunixtz/Lazy-Hunter
Join us as we dive into live bug bounty hunting on HackerOne, specifically targeting EpicGames vulnerabilities! In this sessionโฆ
Tool: https://github.com/iamunixtz/Lazy-Hunter
Join us as we dive into live bug bounty hunting on HackerOne, specifically targeting EpicGames vulnerabilities! In this sessionโฆ
๐ฅ23๐7
CVE-2025-26794: SQL Injection in Exim 4.98, 7.5 ratingโ๏ธ
A vulnerability in the Exim mail transfer agent could allow a remote attacker to perform SQL injection.
Search at Netlas.io:
๐ Link: https://nt.ls/ge4Iy
๐ Dork: smtp.banner:"Exim 4.98"
Vendor's advisory: https://www.exim.org/static/doc/security/CVE-2025-26794.txt
A vulnerability in the Exim mail transfer agent could allow a remote attacker to perform SQL injection.
Search at Netlas.io:
๐ Link: https://nt.ls/ge4Iy
๐ Dork: smtp.banner:"Exim 4.98"
Vendor's advisory: https://www.exim.org/static/doc/security/CVE-2025-26794.txt
๐ฅ35๐10๐ณ1
Please open Telegram to view this post
VIEW IN TELEGRAM
๐14๐ฅ3๐ณ1๐ฟ1
CVE-2025-1128: RCE in Everest Forms WordPress Plugin, 9.8 rating ๐ฅ
The vulnerability allows an unauthenticated attacker to perform a wide range of actions with the site: upload arbitrary files, RCE, delete config files.
Search at Netlas.io:
๐ Link: https://nt.ls/q6pgJ
๐ Dork: http.body:"plugins/everest-forms"
Read more: https://www.wordfence.com/blog/2025/02/100000-wordpress-sites-affected-by-arbitrary-file-upload-read-and-deletion-vulnerability-in-everest-forms-wordpress-plugin/
The vulnerability allows an unauthenticated attacker to perform a wide range of actions with the site: upload arbitrary files, RCE, delete config files.
Search at Netlas.io:
๐ Link: https://nt.ls/q6pgJ
๐ Dork: http.body:"plugins/everest-forms"
Read more: https://www.wordfence.com/blog/2025/02/100000-wordpress-sites-affected-by-arbitrary-file-upload-read-and-deletion-vulnerability-in-everest-forms-wordpress-plugin/
๐ฅ11๐1
๐๐ฎ๐บ๐ฒ ๐ผ๐ณ ๐๐ฐ๐๐ถ๐๐ฒ ๐๐ถ๐ฟ๐ฒ๐ฐ๐๐ผ๐ฟ๐
๐ป ๐ป GOAD is a pentest active directory LAB project. This lab aims to give pentesters a vulnerable AD environment ready to use to practice usual attack techniques.
๐ฅ https://github.com/Orange-Cyberdefense/GOAD
Please open Telegram to view this post
VIEW IN TELEGRAM
๐ฅ17๐7โค2
๐ BApp Store: https://portswigger.net/bappstore/a321360c6e114b3dab6f2c67d68c241a
๐ป Source Code: https://github.com/portswigger/spoofproof
Please open Telegram to view this post
VIEW IN TELEGRAM
๐ฅ20โค6๐4๐คจ2
Don't forget to react guys ๐
Please open Telegram to view this post
VIEW IN TELEGRAM
๐ฟ21๐ฅ10๐6๐4๐ณ2๐คฃ1๐ซก1